Closed
From the discussion on the mailing list:
Problem
Currently salt-master and salt-minion share the pki directory per
default. This works great unless salt-minion and salt-master run as
different users.
On startup salt-{master,minion} check and fix the permissions for
pki_dir, cachedir and logfile. If salt-master is executed under a non-root
user all permissions will be adjusted accordingly. If salt-minion is
started afterwards the permissions will be fixed and adjusted for the
root user. This means salt-master can no longer read or write to pki_dir
and cachedir.
Proposed Solution by Jeff and Thomas
Change verification on the minion, e.g:
- If the directory/file exists and is readable by the minion do nothing
- If the directory/file exists and is not readable - abort and log
- If the directory/file does not exist create one with the correct
permissions
- If the directory/file does not exist fall back to directories in $HOME, e.g. ~/.cache/salt/minionid.pem or ~/.salt/minionid.pem
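A sketch of the minion-side check proposed in the issue above, as an added example that is neither Salt's code nor part of the original issue. The names `verify_dir` and `PkiDirError` are hypothetical, the 0700 mode is an assumed choice for "correct permissions", and only the directory case is covered.

```python
import logging
import os

log = logging.getLogger("minion_verify_example")  # hypothetical logger name


class PkiDirError(Exception):
    """An existing directory is not usable by the current user."""


def verify_dir(path, fallback=None, mode=0o700):
    """Return a directory the current user can use.

    An existing directory is never chowned or chmodded, so a master
    running as another user keeps access to a shared pki_dir/cachedir.
    """
    if os.path.isdir(path):
        # Exists and readable (plus traversable): do nothing.
        if os.access(path, os.R_OK | os.X_OK):
            return path
        # Exists but not readable: abort and log instead of "fixing" it.
        log.error("%s exists but is not readable by uid %d", path, os.getuid())
        raise PkiDirError(path)
    try:
        # Missing: create it private to the current user.
        os.makedirs(path, mode=mode)
        os.chmod(path, mode)  # makedirs() mode is subject to the umask
        return path
    except OSError as exc:
        if fallback is None:
            raise
        # Cannot create it here: fall back to a per-user directory,
        # which is checked by the same rules.
        log.warning("cannot create %s (%s), falling back to %s",
                    path, exc, fallback)
        return verify_dir(fallback, None, mode)


if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    # Assumed example paths; the fallback follows the issue's ~/.salt idea.
    chosen = verify_dir("/etc/salt/pki", os.path.expanduser("~/.salt/pki"))
    print("using", chosen)
```

`os.access` checks against the real UID, which matches a daemon started directly as its service user; a process running as root passes the readability check on any directory.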